#!/bin/bash
# Copyright (c) 2024 maminjie <canpool@163.com>
# SPDX-License-Identifier: MulanPSL-2.0

usage() {
    echo "bash ssh_change_port PORT"
}

if [ $# -lt 1 ]; then
    usage; exit 0
fi

port="$1"

# disable selinux
setenforce 0
sed -i "s/SELINUX=.*/SELINUX=disabled/" /etc/selinux/config

# stop firewall
systemctl stop firewalld
systemctl disable firewalld

## or set security policy
# semanage port -a -t ssh_port_t -p tcp $port
# firewall-cmd --add-port $port/tcp
# firewall-cmd --remove-port=22/tcp
# firewall-cmd --runtime-to-permanent

# change port
sed -i "s/#Port 22/Port ${port}/" /etc/ssh/sshd_config

systemctl restart sshd
